By Gerasimos C. Meletiou, Arne Winterhof (auth.), Joachim von zur Gathen, José Luis Imaña, Çetin Kaya Koç (eds.)

ISBN-10: 3540694986

ISBN-13: 9783540694984

This ebook constitutes the refereed proceedings of the Second International Workshop on the Arithmetic of Finite Fields, WAIFI 2008, held in Siena, Italy, in July 2008.

The sixteen revised full papers presented were carefully reviewed and selected from 34 submissions. The papers are organized in topical sections on structures in finite fields, efficient finite field arithmetic, efficient implementation and architectures, classification and construction of mappings over finite fields, and codes and cryptography.

[Fast Point Multiplication on Elliptic Curves without Precomputation, p. 43]

For left-to-right windowing methods with windows of width w ≥ 2, the authors of [6] distinguish three types of operations and consider three coordinate systems C^i, 1 ≤ i ≤ 3:

1. intermediate point doubling: C^1 → C^1, R0 → [2]R0;
2. final point doubling: C^1 → C^2, R0 → [2]R0;
3. point addition: C^2 × C^3 → C^1, (R0, R1) → R0 + R1.

For inversion-free routines (or when the relative speed of I to M is slow), they conclude that the optimal strategy is to choose C^1 = J^m, C^2 = J and C^3 = J^c.

Our strategy is to make use of mixed coordinate systems but, unlike [6], we do this on binary methods for scalar multiplication. Such a strategy proves useful only for the right-to-left methods because, as will become apparent later, the point addition routine and the point doubling routine may use different input/output coordinate systems. This gives rise to further gains not available for left-to-right methods. The rest of this paper is organized as follows. In the next section, we introduce some background on elliptic curves and review their arithmetic.

N-t+1). Thus: Lemma 2. (n-t+1). (n-t+1). Lemma 3. (Combinatorics on the orbits): Consider G a group of degree n that operate on En and by extension also on Eqn by applying operation on the subscripts. Then for any a, b in Eq , any x in Eqn : 1. For any G then: |x G |≤ |G |. 2. For any G then: |(an ) G |= 1. 3. If G is t-transitive then for j

